SSH vulnerability exploitable in Terrapin attacks (CVE-2023-48795)
Security researchers have discovered a vulnerability (CVE-2023-48795) in the SSH cryptographic network protocol that could allow an attacker to downgrade the connection’s security by truncating the extension negotiation message. The Terrapin at.....»»
Week in review: Microsoft fixes two exploited zero-days, SOC teams are losing trust in security tools
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572) For October 2024 Patch Tuesday, Microsoft has released fixes.....»»
Stellantis shuffle puts Jeep chief in crucial N.A. role
Dealers are looking to Antonio Filosa, who replaces Carlos Zarlenga as North America COO, for more help moving inventory that on many lots goes back to the 2023 model year......»»
DORA regulation’s nuts and bolts
The frequency, sophistication, and impact of cyber-attacks on financial institutions have been rising. Given the economic system’s interconnected nature, disruptions in one institution can have cascading effects on the broader financial market,.....»»
Data loss incidents impact patient care
92% of healthcare organizations experienced at least one cyber attack in the past 12 months, an increase from 88% in 2023, with 69% reporting disruption to patient care as a result, according to Proofpoint. Healthcare organizations struggle to mitiga.....»»
Qualcomm Chip Vulnerability Leads to Several Android Devices at Risk of Hacking
Qualcomm listed over 64 different chipsets affected by the vulnerability. The post Qualcomm Chip Vulnerability Leads to Several Android Devices at Risk of Hacking appeared first on Phandroid. While modern smartphone chips usually have some.....»»
The Wayback Machine has been hacked, and the internet isn’t happy about it
The Internet Archive's Wayback Machine has suffered two types of attacks, including 31 million unique records being compromised......»»
Huge waves in the atmosphere dump extreme rain on northern Australia
In 2023, almost a year's worth of rain fell over ten days in parts of northwestern Australia, leading to catastrophic flooding in the town of Fitzroy Crossing and surrounds. The rainfall was linked to a tropical cyclone, but there were also lesser-kn.....»»
Internet Archive data breach exposes 31M users; under DDoS attack
An Internet Archive data breach has been confirmed by the organisation, which has also been suffering Distributed Denial-of-Service (DDoS) attacks. The home of the Wayback Machine was previously attacked back in May. At this point, it’s being su.....»»
Actively exploited Firefox zero-day fixed, update ASAP! (CVE-2024-9680)
Mozilla has pushed out an emergency update for its Firefox and Firefox ESR browsers to fix a vulnerability (CVE-2024-9680) that is being exploited in the wild. About CVE-2024-9680 Reported by ESET malware researcher Damien Schaeffer, CVE-2024-9680 is.....»»
ESET updates Vulnerability and Patch Management module
ESET released its updated ESET Vulnerability and Patch Management module. With the new update, ESET V&PM has expanded to support Linux1 (desktops and servers), as well as macOS2 devices, covering broader parts of a business’ ecosystem. The V&PM.....»»
Adaptiva improves collaboration between IT and security teams with vulnerability dashboards
Adaptiva announces the latest feature release for OneSite Patch: vulnerability dashboards. These new dashboards provide real-time visibility into Common Vulnerabilities and Exposures (CVEs) in the environment and patches that can remediate them–emp.....»»
New tool provides knowledge on heat stress vulnerability in cities for more targeted adaptation
Heat-related deaths and diseases are a major concern in Europe amid increasing extended periods of extreme heat. A recent study proposes a novel way of quantifying and projecting future vulnerability to heat stress in different areas of a city, provi.....»»
Astronomers race to capture image of exoplanet near star
Planet AF Lep b is a world of firsts. In 2023, it was the lowest-mass planet outside our solar system to be directly observed and have its mass measured using astrometry. This is a technique that charts the subtle movements of a host star over many y.....»»
Satellite data show massive bombs dropped in dangerous proximity to Gaza Strip hospitals in 2023
Satellite data on the proximity of hundreds of M-84 bomb craters to hospitals in the Gaza Strip suggest that, as of November 2023, hospitals were not being given special protection from indiscriminate bombing, as mandated by international humanitaria.....»»
Exploit code for critical GitLab auth bypass flaw released (CVE-2024-45409)
If you run a self-managed GitLab installation with configured SAML-based authentication and you haven’t upgraded it since mid-September, do it now, because security researchers have published an analysis of CVE-2024-45409 and an exploit script.....»»
Universal lands Christopher Nolan’s next movie
After the success of Oppenheimer in 2023, Christopher Nolan has elected to stay with Universal Pictures for his next film. And his first actor may be lined up......»»
Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572)
For October 2024 Patch Tuesday, Microsoft has released fixes for 117 security vulnerabilities, including two under active exploitation: CVE-2024-43573, a spoofing bug affecting the Windows MSHTML Platform, and CVE-2024-43572, a remote code execution.....»»
Ivanti fixes three CSA zero-days exploited in the wild (CVE-2024-9379, CVE-2024-9380, CVE-2024-9381)
Ivanti has patched three additional Cloud Service Appliance (CSA) zero-day flaws, which have been exploited by attackers in conjuction with a zero-day bug the company accidentally fixed in September. The fixed zero-days “We are aware of a limit.....»»
INSANE Prime Day deal shaves 45% off the Motorola Razr+ (2023)!
If you’re looking for a cheap foldable phone, then don’t miss this Prime Day deal for the Motorola Razr+ (2023). The post INSANE Prime Day deal shaves 45% off the Motorola Razr+ (2023)! appeared first on Phandroid. Foldable phones, for.....»»
Qualcomm zero-day under targeted exploitation (CVE-2024-43047)
An actively exploited zero-day vulnerability (CVE-2024-43047) affecting dozens of Qualcomm’s chipsets has been patched by the American semiconductor giant. About CVE-2024-43047 On Monday, Qualcomm has confirmed patches for 20 vulnerabilities af.....»»